The advent of global communications networks such as the Internet has served as a catalyst for the convergence of computing power and services in portable computing devices. For example, in the recent past, portable devices such as cellular telephones and personal data assistants (PDAs) have employed separate functionality for voice communications and personal information storage, respectively. Today, these functionalities can be found in a single portable device, for example, a cell phone that employs multimodal functionality via increased computing power in hardware and software. Such devices are more commonly referred to as “smartphones.”
Oftentimes, these smartphones are further equipped with built-in digital image capture devices (e.g., cameras) for taking photos or short video clips, and microphones for receiving voice input, together with the computing functionalities of the PDA. The hardware and software features available in these smartphones and similar technologically capable devices provide developers the capability and flexibility to build applications through a versatile platform. Similarly, the built-in digital image capture devices are capable of generating video graphics array (VGA) quality pictures having 640×480 pixel resolution or higher. Many smartphones are capable of taking pictures on the order of one mega-pixel resolution and higher.
Given the advances in storage and computing power of smartphones, in particular, and portable wireless devices, generally, such devices can also serve as electronic organizers for managing and organizing a variety of PIM (personal information manager) data. The electronic organizer enables a user to store personal data in the smartphone for any purpose and to retrieve the data as desired, for authentication to a network, access to personal website information such as bank accounts and credit card accounts, and so on.
With the technological advances in handheld and portable devices, there is an ongoing and increasing need to maximize the benefit of these continually emerging technologies. For example, with so much personal information being stored in the smartphone, for example, and that exposure of such information can allow widespread access to any number of systems by unscrupulous individuals, it is becoming increasingly important to ensure that only the true owner of the device, can access the device. Additionally, once the true owner has accessed the device, there needs to be a mechanism whereby only the true owner will be allowed to access the associated network(s). Such access control can be managed through authentication.
Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks (including the Internet), authentication is commonly performed through the use of a logon process that can include a username and password. Traditionally, knowledge of the password is assumed to guarantee that the user is authentic. In practice, each user registers using an assigned or self-declared password. On each subsequent use, the user must use the previously declared password. One major flaw in this system is that passwords can often be forgotten, or more seriously, stolen and/or accidentally revealed. Such exposure can have a major impact on personal financial accounts and transactions, and even promote a more recent and rapidly increasing crime of identity theft. For this reason, Internet businesses and many other transactions now require more stringent authentication processes such as digital certificates. However, the criminal element will continue to seek ways of circumventing such authentication processes.